#
# @author Wójcik Karol <wojcikk@student.agh.edu.pl>
# @licence http://www.gnu.org/copyleft/gpl.html GNU/GPL
#

class MarksController < ApplicationController
layout 'standard'
before_filter :login_required, :authorize
  
  def authorize
    if @session['user'].role != "admin"
        redirect_back_or_default :controller => "error", :action => "info"
    end
  end

  
  def index
    list
    render :action => 'list'
  end

  # GETs should be safe (see http://www.w3.org/2001/tag/doc/whenToUseGet.html)
  verify :method => :post, :only => [ :destroy, :create, :update ],
         :redirect_to => { :action => :list }

  def list
    @mark_pages, @marks = paginate :marks, :per_page => 10
  end

  def show
    @mark = Mark.find(params[:id])
    @marks = Mark.find(:all)
  end

  def new
    @mark = Mark.new
    @marks = Mark.find(:all)
  end

  def create
    @mark = Mark.new(params[:mark])
    @marks = Mark.find(:all)
    if @mark.save
        flash[:notice] = 'Mark was successfully created.'
        redirect_to :action => 'list'
    else
        render :action => 'new'
    end
  end

  def edit
    @marks = Mark.find(:all)
    @mark = Mark.find(params[:id])
  end

  def update
    @marks = Mark.find(:all)
    @mark = Mark.find(params[:id])
    if @mark.update_attributes(params[:mark])
        flash[:notice] = 'Mark was successfully updated.'
        redirect_to :action => 'show', :id => @mark
    else
        render :action => 'edit'
    end
  end

  def destroy
    @users = User.find(:all, :conditions => ["mark_id = ?", params[:id]])
    if @users.blank?
	Mark.find(params[:id]).destroy
	redirect_to :action => 'list'
	else
	redirect_to :controller => 'error', :action => 'account', :code => 'account', :id => params[:id]
    end
  end
end
